exploitDog

CVE-2021-3817

Опубликовано: 09 дек. 2021

Источник: nvd

CVSS3: 9.8

CVSS3: 9.8

CVSS2: 7.5

EPSS Средний

Описание

wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command

Ссылки

http://packetstormsecurity.com/files/165377/WBCE-CMS-1.5.1-Admin-Password-Reset.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/wbce/wbce_cms/commit/6ca63f0cad5f0cd606fdb69a372f09b7d238f1d7
Patch
Third Party Advisory
https://huntr.dev/bounties/c330dc0d-220a-4b15-b785-5face4cf6ef7
Exploit
Patch
Third Party Advisory
http://packetstormsecurity.com/files/165377/WBCE-CMS-1.5.1-Admin-Password-Reset.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/wbce/wbce_cms/commit/6ca63f0cad5f0cd606fdb69a372f09b7d238f1d7
Patch
Third Party Advisory
https://huntr.dev/bounties/c330dc0d-220a-4b15-b785-5face4cf6ef7
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wbce:wbce_cms:*:*:*:*:*:*:*:*

Версия до 1.5.2 (исключая)

EPSS

Процентиль: 98%

0.49236

Средний

9.8 Critical

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-mjx8-7r29-w8cq

github

около 4 лет назад

wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command

EPSS

Процентиль: 98%

0.49236

Средний

9.8 Critical

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89